The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion . - CVE-2023-23454: Fixed denial or service in cbq_classify in net/sched/sch_cbq.c . - CVE-2023-0590: Fixed race condition in qdisc_graft . - CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user . - CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits . - CVE-2023-0122: Fixed a NULL pointer dereference vulnerability in nvmet_setup_auth, that allowed an attacker to perform a Pre-Auth Denial of Service attack on a remote machine . - CVE-2022-4382: Fixed a use-after-free flaw that was caused by a race condition among the superblock operations inside the gadgetfs code . - CVE-2020-24588: Fixed injection of arbitrary network packets against devices that support receiving non-SSP A-MSDU frames . The following non-security bugs were fixed: - ACPI: EC: Fix EC address space handler unregistration . - ACPI: EC: Fix ECDT probe ordering issues . - ACPI: PRM: Check whether EFI runtime is available . - ACPICA: Allow address_space_handler Install and _REG execution as 2 separate steps . - ACPICA: include/acpi/acpixf.h: Fix indentation . - ALSA: control-led: use strscpy in set_led_id . - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254 . - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list . - ALSA: hda/realtek - Turn on power early . - ALSA: hda/realtek: Add Acer Predator PH315-54 . - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx . - ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform . - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook . - ALSA: hda/realtek: fix mute/micmute LEDs, speaker do not work for a HP platform . - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path . - ALSA: hda: cs35l41: Check runtime suspend capability at runtime_idle . - ALSA: hda: cs35l41: Do not return -EINVAL from system suspend/resume . - ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF . - ALSA: usb-audio: Make sure to stop endpoints before closing EPs . - ALSA: usb-audio: Relax hw constraints for implicit fb sync . - ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60 . - ARM: dts: imx6qdl-gw560x: Remove incorrect "uart-has-rtscts" . - ARM: dts: imx6ul-pico-dwarf: Use "clock-frequency" . - ARM: dts: imx7d-pico: Use "clock-frequency" . - ARM: dts: imx: Fix pca9547 i2c-mux node name . - ARM: dts: vf610: Fix pca9548 i2c-mux node names . - ARM: imx: add missing of_node_put . - ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use . - ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use . - ASoC: fsl-asoc-card: Fix naming of AC"97 CODEC widgets . - ASoC: fsl_micfil: Correct the number of steps on SX controls . - ASoC: fsl_ssi: Rename AC"97 streams to avoid collisions with AC"97 CODEC . - ASoC: qcom: lpass-cpu: Fix fallback SD line index handling . - ASoC: wm8904: fix wrong outputs volume after power reactivation . - Bluetooth: Fix possible deadlock in rfcomm_sk_state_change . - Bluetooth: hci_qca: Fix driver shutdown on closed serdev . - Documentation: Remove bogus claim about del_timer_sync . - HID: betop: check shape of output reports . - HID: betop: check shape of output reports . - HID: check empty report_list in bigben_probe . - HID: check empty report_list in hid_validate_values . - HID: drop assumptions on non-empty lists . - HID: intel_ish-hid: Add check for ishtp_dma_tx_map . - HID: playstation: sanity check DualSense calibration data . - HID: revert CHERRY_MOUSE_000C quirk . - IB/hfi1: Fix expected receive setup error exit issues - IB/hfi1: Immediately remove invalid memory from hardware - IB/hfi1: Reject a zero-length user expected buffer - IB/hfi1: Remove user expected buffer invalidate race - IB/hfi1: Reserve user expected TIDs - IB/mad: Do not call to function that might sleep while in atomic context . - KVM: x86: Check for existing Hyper-V vCPU in kvm_hv_vcpu_init . - PCI/PM: Define pci_restore_standard_config only for CONFIG_PM_SLEEP . - PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe . - RDMA/core: Fix ib block iterator counter overflow . - RDMA/core: Fix ib block iterator counter overflow - RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC - RDMA/rxe: Prevent faulty rkey generation - RDMA/srp: Move large values to a new enum for gcc13 - Revert "ARM: dts: armada-38x: Fix compatible string for gpios" . - Revert "ARM: dts: armada-39x: Fix compatible string for gpios" . - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode" . - Revert "Revert "block, bfq: honor already-setup queue merges"" . - Revert "arm64: dts: meson-sm1-odroid-hc4: disable unused USB PHY0" . - Revert "wifi: mac80211: fix memory leak in ieee80211_if_add" . - SUNRPC: Do not dereference xprt-greater than snd_task if it"s a cookie . - SUNRPC: Use BIT macro in rpc_show_xprt_state . - USB: gadget: Fix use-after-free during usb config switch . - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100 . - USB: serial: cp210x: add SCALANCE LPE-9000 device id . - USB: serial: option: add Quectel EC200U modem . - USB: serial: option: add Quectel EM05-G modem . - USB: serial: option: add Quectel EM05-G modem . - USB: serial: option: add Quectel EM05-G modem . - USB: serial: option: add Quectel EM05CN modem . - USB: serial: option: add Quectel EM05CN modem . - VMCI: Use threaded irqs instead of tasklets . - arm64: atomics: format whitespace consistently . - arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux . - arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity . - arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX . - arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI . - arm64: dts: qcom: msm8992-libra: Add CPU regulators . - arm64: dts: qcom: msm8992-libra: Fix the memory map . - arm64: dts: qcom: msm8992: Do not use sfpb mutex . - arm64: efi: Execute runtime services from a dedicated stack . - ata: libata: Fix sata_down_spd_limit when no link speed is reported . - ath11k: Fix unexpected return buffer manager error for QCA6390 . - bcache: fix set_at_max_writeback_rate for multiple attached devices . - bfq: fix use-after-free in bfq_dispatch_request . - bfq: fix waker_bfqq inconsistency crash . - blk-throttle: prevent overflow while calculating wait time . - blk-wbt: fix that "rwb-greater than wc" is always set to 1 in wbt_init . - blktrace: Fix output non-blktrace event when blk_classic option enabled . - block, bfq: do not move oom_bfqq . - block, bfq: fix null pointer dereference in bfq_bio_bfqg . - block, bfq: fix possible uaf for "bfqq-greater than bic" . - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq . - block, bfq: protect "bfqd-greater than queued" by "bfqd-greater than lock" . - block/bfq_wf2q: correct weight to ioprio . - block/bio: remove duplicate append pages code . - block: check minor range in device_add_disk . - block: ensure iov_iter advances for added pages . - block: fix infinite loop for invalid zone append . - block: mq-deadline: Fix dd_finish_request for zoned devices . - block: use bdev_get_queue in bio.c . - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending . - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal . - bnxt_en: Remove debugfs when pci_register_driver failed . - bnxt_en: add dynamic debug support for HWRM messages . - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer . - bnxt_en: fix the handling of PCIE-AER . - bnxt_en: refactor bnxt_cancel_reservations . - btrfs: add helper to delete a dir entry from a log tree . - btrfs: avoid inode logging during rename and link when possible . - btrfs: avoid logging all directory changes during renames . - btrfs: backport recent fixes for send/receive into SLE15 SP4/SP5 . - btrfs: do not log unnecessary boundary keys when logging directory . - btrfs: fix assertion failure when logging directory key range item . - btrfs: fix processing of delayed data refs during backref walking . - btrfs: fix processing of delayed tree block refs during backref walking . - btrfs: fix race between quota enable and quota rescan ioctl . - btrfs: fix race between quota rescan and disable leading to NULL pointer deref . - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS . - btrfs: join running log transaction when logging new name . - btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker . - btrfs: pass the dentry to btrfs_log_new_name instead of the inode . - btrfs: prepare extents to be logged before locking a log tree path . - btrfs: put initial index value of a directory in a constant . - btrfs: qgroup: remove duplicated check in adding qgroup relations . - btrfs: qgroup: remove outdated TODO comments . - btrfs: remove unnecessary NULL check for the new inode during rename exchange . - btrfs: remove useless path release in the fast fsync path . - btrfs: remove write and wait of struct walk_control . - btrfs: stop copying old dir items when logging a directory . - btrfs: stop doing unnecessary log updates during a rename . - btrfs: stop trying to log subdirectories created in past transactions . - btrfs: use single variable to track return value at btrfs_log_inode . - bus: sunxi-rsb: Fix error handling in sunxi_rsb_init . - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate . - cifs: Fix uninitialized memory read for smb311 posix symlink create . - cifs: avoid re-lookups in dfs_cache_find . - cifs: do not include page data when checking signature . - cifs: do not query ifaces on smb1 mounts . - cifs: don"t take exclusive lock for updating target hints . - cifs: fix double free on failed kerberos auth . - cifs: fix file info setting in cifs_open_file . - cifs: fix file info setting in cifs_query_path_info . - cifs: fix potential deadlock in cache_refresh_path . - cifs: fix potential memory leaks in session setup . - cifs: fix race in assemble_neg_contexts . - cifs: fix return of uninitialized rc in dfs_cache_update_tgthint . - cifs: handle cache lookup errors different than -ENOENT . - cifs: ignore ipc reconnect failures during dfs failover . - cifs: protect access of TCP_Server_Info::{dstaddr,hostname} . - cifs: remove duplicate code in __refresh_tcon . - cifs: remove redundant assignment to the variable match . - cifs: remove unused function . - comedi: adv_pci1760: Fix PWM instruction handling . - config: arm64: Fix Freescale LPUART dependency . - cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist . - cpufreq: armada-37xx: stop using 0 as NULL pointer . - crypto: fixed DH and ECDH implemention for FIPS PCT . - dm btree: add a defensive bounds check to insert_at . - dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort . - dm cache: Fix UAF in destroy . - dm cache: set needs_check flag after aborting metadata . - dm clone: Fix UAF in clone_dtr . - dm integrity: Fix UAF in dm_integrity_dtr . - dm integrity: clear the journal on suspend . - dm integrity: flush the journal on suspend . - dm ioctl: fix misbehavior if list_versions races with module loading . - dm ioctl: prevent potential spectre v1 gadget . - dm raid: fix address sanitizer warning in raid_resume . - dm raid: fix address sanitizer warning in raid_status . - dm space map common: add bounds check to sm_ll_lookup_bitmap . - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata . - dm thin: Fix UAF in run_timer_softirq . - dm thin: Use last transaction"s pmd-greater than root when commit failed . - dm thin: resume even if in FAIL mode . - dm writecache: set a default MAX_WRITEBACK_JOBS . - dm: fix alloc_dax error handling in alloc_dev . - dm: requeue IO if mapping table not yet available . - dmaengine: Fix double increment of client_count in dma_chan_get . - dmaengine: idxd: Do not call DMX TX callbacks during workqueue disable . - dmaengine: idxd: Let probe fail when workqueue cannot be enabled . - dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init . - dmaengine: lgm: Move DT parsing after initialization . - dmaengine: tegra210-adma: fix global intr clear . - dmaengine: ti: k3-udma: Do conditional decrement of UDMA_CHAN_RT_PEER_BCNT_REG . - dmaengine: xilinx_dma: call of_node_put when breaking out of for_each_child_of_node . - docs: Fix the docs build with Sphinx 6.0 . - driver core: Fix test_async_probe_init saves device in wrong array . - drivers: net: xgene: disable napi when register irq failed in xgene_enet_open . - drivers:md:fix a potential use-after-free bug . - drm/amd/display: Calculate output_color_space after pixel encoding adjustment . - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix . - drm/amd/display: Fix set scaling doesn"s work . - drm/amd/display: Take emulated dc_sink into account for HDCP . - drm/amd/display: fix issues with driver unload . - drm/amdgpu: complete gfxoff allow signal during suspend without delay . - drm/amdgpu: disable runtime pm on several sienna cichlid cards . - drm/amdgpu: drop experimental flag on aldebaran . - drm/hyperv: Add error message for fb size greater than allocated . - drm/i915/adlp: Fix typo for reference clock . - drm/i915/display: Check source height is greater than 0 . - drm/i915/gt: Reset twice . - drm/i915/selftest: fix intel_selftest_modify_policy argument types . - drm/i915: Fix potential bit_17 double-free . - drm/i915: re-disable RC6p on Sandy Bridge . - drm/msm/adreno: Make adreno quirks not overwrite each other . - drm/msm/dp: do not complete dp_aux_cmd_fifo_tx if irq is not for aux transfer . - drm/msm: another fix for the headless Adreno GPU . - drm/panfrost: fix GENERIC_ATOMIC64 dependency . - drm/vc4: hdmi: make CEC adapter name unique . - drm/virtio: Fix GEM handle creation UAF . - drm: Add orientation quirk for Lenovo ideapad D330-10IGL . - dt-bindings: msm/dsi: Do not require vcca-supply on 14nm PHY . - dt-bindings: msm/dsi: Do not require vdds-supply on 10nm PHY . - dt-bindings: msm: dsi-controller-main: Fix description of core clock . - dt-bindings: msm: dsi-controller-main: Fix operating-points-v2 constraint . - dt-bindings: msm: dsi-phy-28nm: Add missing qcom, dsi-phy-regulator-ldo-mode . - efi: fix potential NULL deref in efi_mem_reserve_persistent . - efi: fix userspace infinite retry read efivars after EFI runtime services page fault . - efi: rt-wrapper: Add missing include . - efi: tpm: Avoid READ_ONCE for accessing the event log . - ext4: Fixup pages without buffers . - extcon: usbc-tusb320: fix kernel-doc warning . - fbcon: Check font dimension limits . - fbdev: omapfb: avoid stack overflow warning . - firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region . - firmware: arm_scmi: Harden shared memory access in fetch_notification . - firmware: arm_scmi: Harden shared memory access in fetch_response . - fpga: stratix10-soc: Fix return value check in s10_ops_write_init . - fs: remove __sync_filesystem . - ftrace/x86: Add back ftrace_expected for ftrace bug reports . - ftrace: Clean comments related to FTRACE_OPS_FL_PER_CPU . - git_sort: add usb-linus branch for gregkh/usb - gsmi: fix null-deref in gsmi_get_variable . - hv_netvsc: Fix missed pagebuf entries in netvsc_dma_map/unmap . - i2c: mv64xxx: Add atomic_xfer method to driver . - i2c: mv64xxx: Remove shutdown method from driver . - i40e: Disallow ip4 and ip6 l4_4_bytes . - i40e: Fix error handling in i40e_init_module . - i40e: Fix not setting default xps_cpus after reset . - igb: Allocate MSI-X vector when testing . - iio: adc: berlin2-adc: Add missing of_node_put in error path . - iio: adc: stm32-dfsdm: fill module aliases . - iio: hid: fix the retval in accel_3d_capture_sample . - iio: hid: fix the retval in gyro_3d_capture_sample . - iio: imu: fxos8700: fix ACCEL measurement range selection . - iio: imu: fxos8700: fix IMU data bits returned to user space . - iio: imu: fxos8700: fix MAGN sensor scale and unit . - iio: imu: fxos8700: fix failed initialization ODR mode assignment . - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback . - iio: imu: fxos8700: fix incorrect ODR mode readback . - iio: imu: fxos8700: fix map label of channel type to MAGN sensor . - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback . - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN . - iio:adc:twl6030: Enable measurement of VAC . - iio:adc:twl6030: Enable measurements of VUSB, VBAT and others . - ipmi:ssif: Add 60ms time internal between write retries . - ipmi:ssif: Increase the message retry time . - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network . - ixgbevf: Fix resource leak in ixgbevf_init_module . - jbd2: use the correct print format . - kABI workaround for struct acpi_ec . - kABI: Preserve TRACE_EVENT_FL values . - kabi/severities: add mlx5 internal symbols - l2tp: Do not sleep and disable BH under writer-side sk_callback_lock . - loop: Fix the max_loop commandline argument treatment when it is set to 0 . - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d . - md: Flush workqueue md_rdev_misc_wq in md_alloc . - md: Notify sysfs sync_completed in md_reap_sync_thread . - md: protect md_unregister_thread from reentrancy . - mei: me: add meteor lake point M DID . - memory: atmel-sdramc: Fix missing clk_disable_unprepare in atmel_ramc_probe . - memory: mvebu-devbus: Fix missing clk_disable_unprepare in mvebu_devbus_probe . - memory: tegra: Remove clients SID override programming . - misc: fastrpc: Do not remove map on creater_process and device_release . - misc: fastrpc: Fix use-after-free race condition for maps . - mm: /proc/pid/smaps_rollup: fix no vma"s null-deref . - mm: compaction: kABI: avoid pglist_data kABI breakage . - mm: compaction: support triggering of proactive compaction by user . - mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting . - mmc: sunxi-mmc: Fix clock refcount imbalance during unbind . - module: Do not wait for GOING modules . - mt76: fix use-after-free by removing a non-RCU wcid pointer . - mt76: mt7921: avoid unnecessary spin_lock/spin_unlock in mt7921_mcu_tx_done_event . - nbd: Fix hung on disconnect request if socket is closed before . - nbd: Fix hung when signal interrupts nbd_start_device_ioctl . - nbd: call genl_unregister_family first in nbd_cleanup . - nbd: fix io hung while disconnecting device . - nbd: fix race between nbd_alloc_config and module removal . - net/mlx4: Check retval of mlx4_bitmap_init . - net/mlx5: Dynamically resize flow counters query buffer . - net/tg3: resolve deadlock in tg3_reset_task during EEH . - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up . - net: ena: Fix error handling in ena_init . - net: liquidio: release resources when liquidio driver open failed . - net: liquidio: simplify if expression . - net: macvlan: Use built-in RCU list checking . - net: macvlan: fix memory leaks of macvlan_common_newlink . - net: mdio: validate parameter addr in mdiobus_get_phy . - net: nfc: Fix use-after-free in local_cleanup . - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices . - net: phy: meson-gxl: Add generic dummy stubs for MMD register access . - net: tun: Fix memory leaks of napi_get_frags . - net: tun: Fix use-after-free in tun_detach . - net: tun: call napi_schedule_prep to ensure we own a napi . - net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem . - net: usb: sr9700: Handle negative len . - net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs . - netrom: Fix use-after-free caused by accept on already connected socket . - netrom: Fix use-after-free of a listening socket . - nilfs2: fix general protection fault in nilfs_btree_insert . - null_blk: fix ida error handling in null_add_dev . - octeontx2-af: Fix reference count issue in rvu_sdp_init . - octeontx2-af: debugsfs: fix pci device refcount leak . - octeontx2-pf: Add check for devm_kcalloc . - octeontx2-pf: Fix potential memory leak in otx2_init_tc . - of/address: Return an error when no valid dma-ranges are found . - phy: Revert "phy: qualcomm: usb28nm: Add MDM9607 init sequence" . - phy: phy-can-transceiver: Skip warning if no "max-bitrate" . - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare in rockchip_usb2phy_power_on . - phy: ti: fix Kconfig warning and operator precedence . - pinctrl: amd: Add dynamic debugging for active GPIOs . - pinctrl: rockchip: fix mux route data for rk3568 . - platform/surface: aggregator: Add missing call to ssam_request_sync_free . - platform/surface: aggregator: Ignore command messages not intended for us . - platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK . - platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting . - platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if present . - platform/x86: sony-laptop: Do not turn off 0x153 keyboard backlight during probe . - platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD . - powerpc/64s/radix: Fix RWX mapping with relocated kernel . - powerpc/64s/radix: Fix crash with unaligned relocated kernel . - powerpc/64s: Fix local irq disable when PMIs are disabled . - powerpc/kexec_file: Count hot-pluggable memory in FDT estimate . - powerpc/kexec_file: Fix division by zero in extra size estimation . - powerpc/rtas: avoid device tree lookups in rtas_os_term . - powerpc/rtas: avoid scheduling in rtas_os_term . - powerpc/vmlinux.lds: Add an explicit symbol for the SRWX boundary . - powerpc/vmlinux.lds: Ensure STRICT_ALIGN_SIZE is at least page aligned . - powerpc: move __end_rodata to cover arch read-only sections . - qlcnic: fix sleep-in-atomic-context bugs caused by msleep . - r8152: add vendor/device ID pair for Microsoft Devkit . - r8169: move rtl_wol_enable_rx and rtl_prepare_power_down . - regulator: da9211: Use irq handler when ready . - rpm/mkspec-dtb: add riscv64 dtb-renesas subpackage - s390/qeth: fix various format strings . - sched/core: Fix arch_scale_freq_tick on tickless systems - sched/core: Introduce sched_asym_cpucap_active - sched/cpuset: Fix dl_cpu_busy panic due to empty - sched/deadline: Merge dl_task_can_attach and dl_cpu_busy - sched/tracing: Report TASK_RTLOCK_WAIT tasks as - sched/uclamp: Make asym_fits_capacity use util_fits_cpu - sched: Avoid double preemption in __cond_resched_*lock* - scsi: Revert "scsi: core: map PQ=1, PDT=other values to SCSI_SCAN_TARGET_PRESENT" . - scsi: core: Fix a race between scsi_done and scsi_timeout . - scsi: efct: Fix possible memleak in efct_device_init . - scsi: elx: libefc: Fix second parameter type in state callbacks . - scsi: fcoe: Fix possible name leak when device_register fails . - scsi: fcoe: Fix transport not deattached when fcoe_if_init fails . - scsi: hpsa: Fix allocation size for scsi_host_alloc . - scsi: hpsa: Fix error handling in hpsa_add_sas_host . - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device . - scsi: hpsa: Fix possible memory leak in hpsa_init_one . - scsi: ipr: Fix WARNING in ipr_init . - scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile . - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add . - scsi: mpt3sas: Remove scsi_dma_map error messages . - scsi: scsi_debug: Fix a warning in resp_report_zones . - scsi: scsi_debug: Fix a warning in resp_verify . - scsi: scsi_debug: Fix a warning in resp_write_scat . - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper . - scsi: snic: Fix possible UAF in snic_tgt_create . - scsi: storvsc: Correct reporting of Hyper-V I/O size limits . - scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM . - scsi: tracing: Fix compile error in trace_array calls when TRACING is disabled . - scsi: ufs: Stop using the clock scaling lock in the error handler . - scsi: ufs: core: Enable link lost interrupt . - sctp: fail if no bound addresses can be used for a given scope . - selftests/vm: remove ARRAY_SIZE define from individual tests . - selftests: Provide local define of __cpuid_count . - serial: 8250_dma: Fix DMA Rx rearm race . - serial: atmel: fix incorrect baudrate setup . - serial: pch_uart: Pass correct sg to dma_unmap_sg . - sfc: fix potential memleak in __ef100_hard_start_xmit . - soc: imx8m: Fix incorrect check for of_clk_get_by_name . - spi: spidev: remove debug messages that access spidev-greater than spi without locking . - staging: mt7621-dts: change some node hex addresses to lower case . - staging: vchiq_arm: fix enum vchiq_status return types . - swim3: add missing major.h include . - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent . - thermal/core: Remove duplicate information when an error occurs . - thunderbolt: Do not call PM runtime functions in tb_retimer_scan . - thunderbolt: Do not report errors if on-board retimers are found . - thunderbolt: Use correct function to calculate maximum USB3 link rate . - tick/nohz: Use WARN_ON_ONCE to prevent console saturation. - tick/sched: Fix non-kernel-doc comment . - tomoyo: fix broken dependency on *.conf.default . - tools: fix ARRAY_SIZE defines in tools and selftests hdrs . - tracing/hist: Fix issue of losting command info in error_log . - tracing/hist: Fix out-of-bound write on "action_data.var_ref_idx" . - tracing/hist: Fix wrong return value in parse_action_params . - tracing/osnoise: Make osnoise_main to sleep for microseconds . - tracing/perf: Avoid -Warray-bounds warning for __rel_loc macro . - tracing/probes: Handle system names with hyphens . - tracing: Add "__rel_loc" using trace event macros . - tracing: Add DYNAMIC flag for dynamic events . - tracing: Add trace_event helper macros __string_len and __assign_str_len . - tracing: Avoid -Warray-bounds warning for __rel_loc macro . - tracing: Do not use out-of-sync va_list in event printing . - tracing: Ensure trace buffer is at least 4096 bytes large . - tracing: Fix a kmemleak false positive in tracing_map . - tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE . - tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line . - tracing: Fix issue of missing one synthetic field . - tracing: Fix mismatched comment in __string_len . - tracing: Fix possible memory leak in __create_synth_event error path . - tracing: Fix race where histograms can be called before the event . - tracing: Fix sleeping function called from invalid context on RT kernel . - tracing: Fix tp_printk option related with tp_printk_stop_on_boot . - tracing: Fix warning on variable "struct trace_array" . - tracing: Have TRACE_DEFINE_ENUM affect trace event types as well . - tracing: Have syscall trace events use trace_event_buffer_lock_reserve . - tracing: Have type enum modifications copy the strings . - tracing: Make tp_printk work on syscall tracepoints . - tracing: Use alignof__ instead of offsetof . - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate . - tty: fix possible null-ptr-defer in spk_ttyio_release . - tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer . - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210 . - usb: acpi: add helper to check port lpm capability using acpi _DSM . - usb: cdns3: remove fetched trb from cache before dequeuing . - usb: core: hub: disable autosuspend for TI TUSB8041 . - usb: dwc3: qcom: enable vbus override when in OTG dr-mode . - usb: fotg210-udc: Fix ages old endianness issues . - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request . - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait . - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait . - usb: gadget: f_hid: fix f_hidg lifetime vs cdev . - usb: gadget: f_hid: fix refcount leak on error path . - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate . - usb: gadget: f_uac2: Fix incorrect increment of bNumEndpoints . - usb: gadget: g_webcam: Send color matching descriptor per frame . - usb: gadget: udc: core: Print error code in usb_gadget_probe_driver . - usb: gadget: udc: core: Revise comments for USB ep enable/disable . - usb: gadget: udc: core: Use pr_fmt to prefix messages . - usb: gadget: udc: core: remove usage of list iterator past the loop body . - usb: host: ehci-fsl: Fix module alias . - usb: typec: altmodes/displayport: Add pin assignment helper . - usb: typec: altmodes/displayport: Fix pin assignment calculation . - usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail . - usb: xhci: Check endpoint is valid before dereferencing it . - vc_screen: move load of struct vc_data pointer in vcs_read to avoid UAF . - vfs: make sync_filesystem return errors from -greater than sync_fs . - virtio-blk: modify the value type of num in virtio_queue_rq . - virtio-net: correctly enable callback during start_xmit . - virtio_pci: modify ENOENT to EINVAL . - w1: fix WARNING after calling w1_process . - w1: fix deadloop in __w1_remove_master_device . - wait: Fix __wait_event_hrtimeout for RT/DL tasks - watchdog: diag288_wdt: do not use stack buffers for hardware data . - watchdog: diag288_wdt: fix __diag288 inline assembly . - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices . - wifi: mac80211: sdata can be NULL during AMPDU start . - wifi: mt76: mt7921: add mt7921_mutex_acquire at mt7921_sta_set_decap_offload . - wifi: mt76: mt7921e: fix race issue between reset and suspend/resume . - wifi: mt76: sdio: fix the deadlock caused by sdio-greater than stat_work . - wifi: mt76: sdio: poll sta stat when device transmits data . - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid . - x86/hyperv: Remove unregister syscore call from Hyper-V cleanup . - x86/hyperv: Restore VP assist page after cpu offlining/onlining . - xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init . - xfs: fix incorrect error-out in xfs_remove . - xfs: fix incorrect i_nlink caused by inode racing . - xfs: fix maxlevels comparisons in the btree staging code . - xfs: fix memory leak in xfs_errortag_init . - xfs: get rid of assert from xfs_btree_islastblock . - xfs: get root inode correctly at bulkstat . - xfs: initialize the check_owner object fully . - xfs: prevent a WARN_ONCE in xfs_ioc_attr_list . - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* . - xfs: return errors in xfs_fs_sync_fs . - xfs: xfstest fails with error missing kernel patch . - xhci-pci: set the dma max_seg_size . - xhci: Fix null pointer dereference when host dies . - zram: Delete patch for regression addressed . - zram: do not lookup algorithm in backends table . Special Instructions and Notes: Please reboot the system after installing this update.